Slashdot Mirror
Vista Security — Too Little Too Late
Thomas Greene of The Register has a fairly comprehensive review of Vista and IE7 user security measures. The verdict is: better but not adequate, and mostly an attempt to shift blame onto the user when things go wrong. From the review: "[Vista is] a slightly more secure version than XP SP2. There are good features, and there are good ideas, but they've been implemented badly. The old problems never go away: too many networking services enabled by default; too many owners running their boxes as admins and downloading every bit of malware they can get their hands on."
.. A Dialog box asking if you wish to run the exploit or not.
And it is the first thing to be disabled for sure.
I'm shocked at these allegations!!!
What I don't get is why they don't make the user a limited user to begin with. It's all implemented - requiring an admin password to do _admin tasks_ as a limited user, but they make the default user an admin. And, honestly, the User Access Control is pretty silly if you're an administrator, ne?
You'd almost think they'd have an agenda in badmouthing Vista and promoting Linux.
Yeah. It's almost as if a lot of people who use this site like Linux or something. I am as baffled as you on this matter.
Microsoft is also one of the biggest sponsors of this site. I guess they have no problem loathing MS and taking their money.
Why would that be a problem? If Microsoft are a big enough bunch of suckers to pay money for advertising on a website where it is highly likely to be ignored, let 'em.
Ahahah Microsoft sponsors a site which is bashing them! They are sooo stupid! Shame on Microsoft!
can't believe I'm speaking up for Vista but ...
User security, is like car safety. It's nice to design for "in case shit happens" but if you drive like a lunatic, you're likely to get hurt.
I think a large part of security involves the self. People don't do enough thinking, and are too lazy to follow simple security procedures. No automated tool or system, that allows some freedoms can protect people entirely. Think about it, the OS'es solution to malware? Only allow MSFT signed binaries to run. But this is horrible as it means only MSFT can authorize binaries and it cuts out 3rd party developers.
At some point the users themselves have to stop and learn how to use their computers properly, if they want to use them. If they're too lazy to figure it out, *and* demand security, they should not use a computer.
Of course it's largely MSFT's fault for breeding a culture of contempt for knowledge. Oh look it's so easy anyone can use it with zero training.
Imagine if MSFT made automobiles (but with the a yolk instead of a wheel/pedals, and other "standard improvements"). No training required!
Tom
Someday, I'll have a real sig.
If Microsoft wants to advertise here, to a crowd that largely doesn't care for them, more power to them.
And if Slashdot wants to take their money and then be critical of them, what's the problem with that either?
And there doesn't seem to be an official Microsoft stance on Slashdot anyway.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
As dissatisfied as I tend to be of Microsoft's "advancements", I have to say that they should not be responsible for making their system impossible to screw up. Daddy just needs to learn to spend money on the high quality porn, instead of the cheap, virus loaded "Click for more!" free porn. But that doesn't address the fact that home users log in as admin. every time - no, that's a different hell right there; MS should make restricted access user accounts mandatory.
Once you start despising the jerks, you become one.
It's pretty obvious that you can't build a fort on a foundation of shit. Without a solid base to hold your fort up, it will sink into the fecal marsh and smell like high heaven.
The security of Windows has always been built upon such a foundation of shit. That's why it's had so many problems. Instead of drawing from the proven security models of systems like UNIX and VMS, the Windows developers went and rolled their own. And you know what? It was shit. It didn't have a solid theoretical underpinning like the security model of other systems have. It's been over 20 years later, and they still haven't looked to the proven models for inspiration.
"and downloading every bit of malware they can get their hands on."
Come on. More than anything, Microsoft is in a no-win situation to try and protect people from themselves. If everyone ran Linux instead of Vista there'd be the same damn problems.
If a thirteen year old wants to download smileys for their IM client, the kid is going to do it. If the software has spyware, then that spyware would do what it takes to open up or break the system. It's pretty damn hard to code against human behaviour.
Microsoft is always going to leave network services on by default because otherwise users might have to go admin and turn them on to get their software to work. Of course the goal is to relieve users of the need to be concerned about what's going on in their computers, but unfortunately it also relieves them of the opportunity to ever learn anything and thereby participate in their own security.
So, you can be "insecure by design", or you can expect your users to educate themselves just a little about how things work and their own role in the security equation. I'm sure the focus groups all say, "We'll take our chances, just don't make us have to think!"
The tone of this article implies that users are too stupid to breathe, let alone operate a computer system. For a crowd that endorses a privacy-rich, DRM-free, open-sourced world, I'd expect more of you to have realized this.
Screw the author of TFA and his insultingly haughty and elitist opinions of what computer OS purchasers can or cannot do. He strikes me as the type that Mitties his day away as the BOFH.
I think that's a bit low. There are only about 30 viruses for Macs (most of which are holdovers from OS 8 days) and I've not encountered one bit of spyware or adware. I don't have experience with Linux, but I imagine it's similar
I think the reason Windows is such a target isn't just its market share, but also its vulnerability.
I'm in the hole of the broadband donut.
*ducks*
When the second paragraph contains this quote --
In a nutshell, Windows is single-handedly responsible for turning the internet into the toxic shithole of malware that it is today.
you know it's going to be fair and balanced.
From the article:
As Billg likes to point out, Windows is the platform on which 90 per cent of the computing industry builds, and this naturally means that it's the platform on which 90 per cent of spyware, adware, virus, worm, and Trojan developers build. That translates into 90 per cent of botnet zombies, 90 per cent of spam relays, 90 per cent of spyware hosts, and 90 per cent of worm propagators.
This implies that Linux, Mac, Solaris, VMS, etc stands for 10% of the malware. This is not true. I would guess that non-Windows systems have less than 1% of the malware.
)9TSS
Oh, the article is from the Register. I see.. no surprises there.
I am the maverick of Slashdot
When you first install ubuntu, you will be prompted to create an user during installation, that users is automatically placed in the sudo list. When you tried to configure something that require admin privilege, it will prompt you for your password. So is command prompt, you will need to put sudo in front of the command to get admin privilege. However, for linux, your windows manager would remember your elevated privilege for a while so the same task would not ask you for the same login/password again for a while. For windows, it's kept coming back again and again.
Microsoft can't fix the users, there will always be the crowd blindly clicking OK or tuning off the firewall because their game's troubleshooting tells them to.
But reducing the number of services and installed programs running, can reduce the number of vunerabilities present and active by default. How long did it take for them to give the option of actually turning off Messenger, despite no one ever using it. The deault install should be the minimum needed to access the net and use office. If we are all used to prompts and downloading programs a wait of a few seconds to install a progam from a file in the Windows install folder, to run something new, shouldn't be too much of a problem.
Especially if we have the option of actually uninstalling IE7 completely.
And on another note, I have watched this Vista launch and still I wonder. -
Why should I get it? I see alot of hype but not a single reason to upgrade.
If this were really happening, what would you think?
The only story I want to hear about Vista security is what it fixes. We already know what Microsoft broke.
I've been telling you for years and I'll tell you again. The fix is:
Diversity is the only solution to internet security. The user gains immediate security in the short term. The community gains security in the long term as weak platforms are eliminated and can no longer be used to attack strong ones. Everyone wins when the monoculture ends. Free software provides both transparency and a diversity of hard targets. Confronted with rising costs, criminals will go back to their usual meat space businesses.
Friends don't help friends install M$ junk.
Yes, I am sure OSTG's Master Plan is far more insidious and underhanded than Microsoft's. Slick OSTG executives have been hoodwinking poor old babes in the woods Microsoft with their confiscatory advertising practices.
Stupid Microsoft! You know what you doing!?!?
http://internetfreedomdisk.blogspot.com/
Great persistent memory LiveCD. Videos to explain them to noobs
...is to lock it up by default and then the users will be FORCED to learn to make stuff work.
And I don't mean those pesky dialogs "Allow application to run?" but rather default low-permission accounts (which implies making it hard to create an administrator account -- which exists already), minimum services out-of-the-box and a checklist of stuff needed to be turned on for apps to function. It's not too hard to enable and start the printer spooler when installing a printer, is it? Or enabling the DHCP client service when needed?
IMHO, the whole idea of a centralized registry to keep all configuration for every installed application AND the OS is flawed.
It's funny the way he uses "IE7" when he's apparently talking about a mixture of IE and IE7... As far as I know, IE7 doesn't have many security bugs known until now, and especially not on Vista due to protected mode... Three letters - F, U, D.
So how exactly could this be better? By preventing the user to install/run any applications downloaded from the internet? It seems that the author of the article never heard about Security vs Usability tradeoffs (however he mentions them somewhere else, which makes it even worse...).
Oh my god, how surprising...
Some references would be nice, as well as proving that DEP and address space randomization won't be enough to counter the threat present due to those services...
That might be true, however it has nothing to do with the remark that Vista won't be enough to make the internet have less malware, etc.
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
"You can't polish a turd."
I think it would be nice if it came from the Creationism Class
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
If a thirteen year old wants to download smileys for their IM client, the kid is going to do it. If the software has spyware, then that spyware would do what it takes to open up or break the system. It's pretty damn hard to code against human behaviour.
What, there's spyware in the Debian repositories? Call Perens, now! Oh wait, false alarm from someone projecting Windoze problems onto free software. Never mind, Gaim, kde's IM client, and all the other IM clients that already have smileys, do not actually contain malware, nor do any of the other user contributed and community verified packages of artwork. Oh dear, that makes life very hard for malware authors.
I'll give you a little hint about the specifics - if you go read the article you can see the author going through all the details of how easy it is to screw a Vista user and why - he compares them to free software browsers and OS because none of those problems exist there! Free software is not like the deceptive and broken crap M$ makes.
I know, I know, you are only pretending to be ignorant. That's OK, I like answering easy questions.
Friends don't help friends install M$ junk.
This is exactly what Vista security is.
My main problem with Vista security is that it is an OS that cries wolf. When I installed Vista, I had to click no less than 50 security confirmation dialog boxes (it's important to note that these were security dialog boxes) within the first hour or so in order to do simple, stupid stuff that clearly should not have needed confirmation. Stuff like changing my desktop background. Stuff like moving some documents around on a removable hard drive. Stuff like copying a line of text from an IE7 edit box. Stuff like pasting that line of text into a different IE7 edit box. Stuff like creating a new text file on my removable hard drive. And so on, and so on, ad nauseum.
This isn't security. This is constant aggravation, and yes, I cannot imagine any normal user calling their geek friend after five minutes and saying, "How do I turn this damn thing off?" Even if they don't, they "mentally" disable it by simply clicking Allow without thinking. Hell, I'm a computer expert, and I did it. "You are installing the pwnzj00 virus." Allow. "You are sending your bank account numbers to Nigeria." Allow, allow, allow, dammit! Leave me alone!
I try to give Microsoft the benefit of a doubt. I'm not a zealot or a Microsoft basher, seriously. I think they've put out some good software, but on this point, I have to agree with the folks who are saying that Microsoft isn't serious about security, they're simply trying to push the blame for when things go wrong onto the users.
There's no way in hell that they could have conducted any usability tests and found the currently scheme acceptable. But they still let it out the door, most likely to meet some sort of artificial management deadline to keep the OS from shipping any later than it already had.
So now, we've gone from OSes that never alert you to potential security risks to an OS that is even worse because it alerts you to everything, security risk or not.
I'll be interested to see how Microsoft tries to fix this mess, both from a technical standpoint and a PR standpoint.
Because it's pretty obvious at that point the author is clueless.
Then again, it's the Register. What else to expect but clueless Microsoft bashing ?
The simple reason in a nutshell: The user cannot make a qualified decision based on the information the system gives him.
With the installer needing admin privileges, no matter if its trying to install a driver or a game demo, the user cannot make a qualified decision whether the privileges asked for are warranted or not. You could blame the user if it was not so. If the user could install a game with "reduced" privileges and it asks for full admin rights, he could smell the rat. He cannot in an environment that asks for admin privs by default for installations.
The only way he could would be to sandbox everything he plans to install and then trace and analyze everything the software does to his system, the files it produces, the data it downloads and/or uploads to/from certain servers, the entries it creates, changes and deletes in the registry... And of course he'd first of all have to know how to interpret this information.
If Vista would give the user sufficient information to actually make a qualified decision, I'd agree. Blame the sucker for being dumb enough to run the trojan. But simply telling him "Flash installer wants admin rights to install, continue?" is not giving him any information at all. What if I simply labeled a Trojan "Flash installer"? Of course it would ask for admin rights to install, that's what an installer does by default.
Give the user enough information to actually make the decision, then blame him if he makes the wrong one. If the user cannot make a qualified decision, all that remains is a game of chance and luck. And you could just as well get rid of those questions, simply because the user cannot answer them anyway with the information the system gives him.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
[article is not] fair and balanced.
That depends on your perspective. If you are Bill Gates, or drugged or both, you might think it's not fair M$ is blamed for all the M$ born malware that threatens the internet and every machine on it. If you are anyone else, you're dumbfounded the authors bothered to run Vista at all. It's funny how people keep doing the same thing and expecting different results. It's not surprising M$ results make people angry, but it is surprising people keep listening to them and giving their software a fair chance to fall on it's face.
The details in the article are pretty irrefutable. Eris's journal entry is not a bad summary if you don't have time to read further than the second paragraph.
Friends don't help friends install M$ junk.
The vulnerability of Vista or any other OS can be traced back to the requirement to modify the OS for software installation. It makes no reasonable sense that an end-user should modify the operating system when installing a software package (exceptions for servers but that's iffy, too). CONFINE the end-user software to the end-user's space (i.e., home directory) - and as suggested earlier, the notion of each user having an independent registry instead of the global system-wide Windows registry is a great idea. An infinite number of users should be able to use a Windows environment without any influence by one user upon another. This goes for all operating systems. I can't understand why this idea hasn't been pursued already. It's too late for Vista but in another 3 years or so this may happen.
One of these days Microsoft will realize that system-wide changes are killing them. Perhaps when they start leasing remote desktop connections for $9.95 a month they will figure this out.
"you are about to read a scary story about the lack of security in Vista. Allow or cancel?"
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Windows is still the only popular OS that has no decent security by default. With Mac OS X, Linux or BSD you got to have a bad admin if your box gets owned. With windows you only need a clueless user and you're screwed. So there has to be something wrong with the design. You can't blame the user for everything; "you shouldn't have clicked that", "you should have been running a better firewall", "you should have bought a better anti-virus software".
No wonder mr ballmer is worried about the competition
Ballmer repeats threats against Linux
There can't be an OS which you'll have to be root to actually be able to do something.
Try to run win XP and see if you can get along with it without root permissions for one day.
The programmers concept for windows is just wrong! you can not require root privileges to run Acrobat Reader, Adobe Photoshop or who knows what
For that matter, try to get along with regular user on Linux, you'll be able to do so (and you'll stay of-course), why? cause Linux was built in as Multi user OS, un-like Windows in which you have to be root to install un-related stuff which you can't even think of why it requires root permissions.
The lesson is, that most of programmers of big companies are basing their programs on the fact that 95% of Windows users runs as Admins.
And also, the whole concept of multi-users is in-fact okay, but the implementation, dir oh lord, is just wrong.
That's why Windows Security just sucks. no matter what
Do what feels good, switch to Linux
That is exactly it. It is the users fault half the time. You want to install sup3r m3g@ scr33nsaver 2000!!!11oneuno then you deserve all the spyware you get. Sure go ahead CLICK THE FART BUTTON on the side of that web page. Win that free laptop! It is stupid people like this that get there computer infected. You cant expect an OS to be idiot proof without locking them down, which is what Vista seems like it is trying to do. I just wish they had an idiot version installed with every Dell, and a non-idiot version for guys like us.
The greatest revenge in life is massive success.
The key, the only key to successfully implementing security in Vista or any other MS codebase is not to work from the assumption that everything can be locked down 100% and nothing bad can ever be made to happen. That's just stupid. Feel free to write an airliner fly by wire system and charge consumers a million dollars for each copy.
No, the problem with Vista and XP and.....is that they think they can both build an elegant system which simultaneously checks everything all the time and prevents an unknown thing from occuring.
The approach should be 180 different from that. It should be to assume that problems will occur and simply mitigate the damage or the extent of the damage they can cause. Build it such that even if it's botnet'd that the outbound traffic is blocked and the damage is limited to that one machine. Build it so that buffer overflows only go as far as that one application or subsystem.
Sandbox sandbox sandbox and when you're done, virtualize it. I really thought that when Intel announced the dual core processors we'd finally see some progress. We'd see one of the two cores devoted to all of the security and protection functions from port scanning, to encryption, to firewalling (in both directions) and so on. But instead we got the dancing bears 3D lucite animated we spent 10 million dollars developing the SOUND that the taskbar makes interface.
What a colossal waste of time and effort. Most of the problems associate with Windows security are DIRECTLY traceable to the fact that none of any of the original problems were ever addressed. They were embraced and layered over with yet more code. Sometimes the code is a workaround, sometimes it's nothing more sophisticated than an alert.
"Do you want to execute this program?"
I don't know. Is it bad? Why don't you tell me? Why don't you give it a whirl in a contained environment, let me know if it's bad, and if not write a sig to the system that lets it know the next time I want to run it it checks that sig for verification purposes.
One of the big complaints in this article is about UAC. It's too bothersome.
I just don't understand the reasoning here. First, the Windows bashers complained that Windows requires you to work as an admin user to perform a lot of common tasks. That's true.
"In Linux I get prompted by a GUI sudo program whenever root privileges are required. MacOS does this too. Windoze is so stupid because you HAVE to run as an administrator! There's no sudo!"
OK, fair enough. Vista adds UAC, which does just what those GUI sudo programs do. The Windows bashers bitch and moan that they're getting prompted too often and decide to disable the feature.
What do you guys expect? Jesus Christ. If Windows requires user confirmation to escalate privileges, you're going to get prompted for your password, plain and simple. If you're foolish enough to be running as an admin, you won't be prompted for your password but you will be prompted to "allow" or "deny". And that's too annoying for you guys? Sheesh. Last time I checked, you don't get prompted AT ALL for ANYTHING when you run GNOME or KDE as root. At least Windows tries to keep things safe in that regard.
So my question to you guys is: what do you want? Windows now has "sudo" functionality, which everyone was complaining about, but the claim now is that it's too intrusive. Can Microsoft ever win with you guys?
The italics are mine. That's probably the most well-put statement about parenting, children, and the internet I have ever come across. I don't think I could have summarized my thoughts on this any better. And since I can't, I won't expound on it any further.
You can't legislate intelligence.
If people are happy to practice unsafe web surfing and software download/installation, then they're gonna have a problem. People need to be taught, informed, educated, whatever term you want to use. Most people are simultaneously trusting of, and in fear of, the computer. When it does something they want, they're happy. When it does something they don't want, suddenly it is all a mystery.
Next up: an article on how people who don't pay attention while they drive, get into more car accidents... despite enormous advances in automotive safety technology.
$nice = $webHosting + $domainNames + $sslCerts
That is the only thing I can think of. I suppose, in the next two years or so, msft plans to strong-arm the game makers to use only directx 10. Other than that, four or five years down the road, you will need Vista to run the latest ms-office, msie, and ms-media player.
I've tried running as a normal user account on Win XP SP2 for several months, with an admin account only when I need to. It helps to stop spyware and such. It also helps to stop me using my system normally. Since then I went back to running as admin, deleting the old admin account (which wasn't a good idea, since applications will sometimes still assume the admin account under which they were installed, still exists. NetLimiter fails, even after uninstall/install, Second Life had to be reinstalled and there were a few more).
Some applications don't work properly in non-admin and there was this very anoying detail of not even being able to see the little calender you get which doubleclicking the time. In understand not being able to change it, but couldn't they have just disabled the [OK] button instead of the entire dialog?
In the end I came to this very simple conclusion:
Windows isn't designed be use as non-admin.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
So the improved security is better for non power users but annoying for power users. Besides Aero (which requires me to upgrade hardware) what is in Vista that is worth the upgrade?
Well, there's spam egg sausage and spam, that's not got much spam in it.
Windows has the same "theoretical underpinning" as VMS (hardly surprising, given they're designed by the same person).
Yes, Cutler was the main designer of both. But that doesn't mean he actually managed to carry over the benefits of VMS. Had you actually ever used VMS, you'd know that it trumps the security of Windows NT hundreds of times over. They are virtually nothing alike. VMS does a great job of providing a secure multi-user operating system, while Windows NT does not (as is shown by the numerous exploits).
The main problem Cutler had with Windows NT was maintaining backwards compatibility with Windows 3.x and MS-DOS. Another problem was that Windows NT was initially designed to be a single-user operating system, thus the security system was designed with this in mind. Its multi-user capabilities were tacked on years later. Systems like VMS and UNIX, on the other hand, were built from the ground-up as multi-user systems, and thus took into consideration the security needs of such usage patterns.
On *ix machines, you usually have a rather fine grained security and permission system, allowing you to give a user pretty much unrestricted access on his personal space without being able to interfere with the system. You can actually configure a system in a way that allows the user near unrestricted permissions, but only in his own user space, including such "features" as installing his own software (only minor limitations apply, mainly in the network areas), and there are very few applications I could think of that cannot be installed and used with user level permissions only (applications that a user wants to run, that is).
Certainly, if people run around as root, they're just as vulnerable in *ix as in any Windows environment. But people would not even notice that they ain't root. They have their standard account which has all their software they need, and the few times they are actually asked to allow root they would notice this as the exception, not the rule (as it is now with Windows) and they would certainly not brush it off as some inconvenience but it would be taken as a warning. Especially if some program from a not really trustworthy source asks for those permissions, just to install a bunch of smileys or a demo of a game.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
There's an "I'm a Mac" ad which covers this: http://images.apple.com/movies/us/apple/getamac/ap ple-getamac-security_480x376.mov
User-level security can only protect users from each other. Desktop machines are usually single-user. Therefore, user security is protecting nothing except operating system and program files, which can be trivially replaced by re-installing them. Most users would consider their personal document much more important, yet these are not protected! User security will not stop a virus from searching your home directory for your tax return and mailing it off to some identity theft. Nor will it stop a virus from accessing the internet to launch DDoS attacks, send spam, or reproduce.
Yet, Microsoft and Unix users alike continue to insist that it does some good. Why? All it does is make life more difficult as you constantly have to switch between user and admin to install programs.
We need to move to a model of program-level security, where every program you run is granted only permissions to do the things you actually want it to do. And we need to develop a user interface which can automatically figure out what permissions you want to grant to programs (e.g. if you select a file from the file->open dialog, then it should grant the program permission to read that file). See Capability-based security.
I ask this question in all seriousness, knowing that it is very hard to get a serious answer on Slashdot where Microsoft is concerned: Is it time to start holding software vendors, like Microsoft, financially and criminally liable for an inability to correctly implement fundamental security measures in their products? Enough is enough, and perhaps it is time for government to step in. If an automotive vendor engineers bad vehicles, they are still liable for the people they hurt, no matter how hard the task of good safety may be for them. Why should it be any different for software vendors?
...En að Besta Sem Guð Hefur Skapað Er Nýr Dagur
I believed some of the FUD when the betas were out and everyone was doing the doom and gloom. But now plenty of copies have shipped, and I have a copy now. For starters, I am running 1.5GB of RAM, e6300, and it is very responsive.
...
Security? I still have an XP machine, it hasn't been remotely exploited since SP2, which doesn't say much for XP, but it shows progression. I bet Vista will have less than Windows 2003. The UAC *doesn't* pop up all the time. Yes, I click it almost immediately when I'm doing stuff that I know will prompt it, but when it just appears out the blue (I've only had one situation though, after visiting a website), I click don't allow.
Next, there is IE7's anti-phishing filter gimmick. I disabled it almost immediately. Meh, I installed firefox right away. Anyway, from the looks of it I thought there was a central database of phishing sites. Something like Google. I believe the button said "Check to see if this site is a known phishing website." Spam filter? I don't know. I don't get spam because of SpamAssassin, but regardless, I installed Thunderbird (v1 won't install, the v2 beta did). I haven't used Windows Mail, so I will stop there
One thing I thought was cool... If I type a url in the explorer address bar, it comes up in my default browser (firefox).
I am all for objective reviews, and this article has some good facts about Vista, but then concludes that Vista sucks.
They bought vista! I can't wait for some M$ guy to say that. Like it will ever happen...
You're saying Debian is secure because there is a centrally controlled repository of software. Vista requires signed kernel-level drivers and you'd say that Microsoft is cutting out open-source developers.
So is centrally controlled the desirable feature, or is ability to develop your own software without requiring approval?
http://video.google.com/videoplay?docid=4914346071 97997836&q=sell+windows
Malware is a business. All that matters is simply, how much money can be generated in how little time. The times of bragging rights and proving that you can do it are over. The amount of that kind of viruses is pretty much equal for all platforms. Btw, the ones existing on Mac and Linux are almost 100% of that "I wanna show it is possible" kind.
Windows also has, sorry to say it, the most clueless user base. I wouldn't claim the reverse (i.e. that Windows users are dumb), but dumb users usually use Windows. They COULD use Mac, but dumb people are rarely the ones with the money to spit out for a Mac.
Linux still has the air of the "geek system" and, frankly, it does take more than two brain cells to use it (with one cell being busy trying to figure out how to get the machine to look for pr0n).
So it's the mix that makes it: You have almost all the dimwit clickmonkeys, you have a system that was never meant to be used as a networked multiuser/multitask system and you have the sizable market share.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I'd take the article a bit more seriously if it wasn't The Register. They read like a blog, and they tend to have a tad more than a little anti-microsoft bias. Point me to the study that shows me where a majority of users disable the UAC and I'll start paying attention.
Tluin natha Linux xxizzuss uriu olt bwael mon'tun.
Ha ha ha. Its working. Users are being blamed for the lack of security on MS Windows. Once we get rid of these pesky security whiners, there'll be no more reason for Linux.
Pardon me, but I thought the reason Windows was crap was because it was so simple to write spyware/malware that COULD run on it, not becasue it lacked security features that disabled users from changing settings.
As long as we blame users for bad software, MS will rule the world and Linux will be a distant second.
Here will be an old abusing of God's patience and the king's English.
You either have no freaking idea what you are talking about or you are skillfully trolling. When Digital fired most of its VMS team in a cost cutting frenzy, Microsoft had the good sense to hire them up. David N. Cutler who was the VMS project leader became the NT project leader at MS. Cutler brought most of his team with him. The result was that NT was in many ways a clone of VMS with a Win32 API and Win16 API layer on top. The story is famous and is told here. Vista is NT and NT is partially a re-implementation of VMS, to the point that Digital sued MS. MS had to pay a settlement to Digital and agree to support the Alpha on NT. Some people speculate that the letters WNT is an increment on VMS and is an inside joke at MS. AFAIK, Cutler is still working at MS and helped with Vista.
sure Windows can be insecure, but if someone takes the time and responsibility they can secure it just fine. You dont blame the gun manufacturers for the person who doent know how to use a gun... Do you blame linux when a user logs in as Root and tears things up?
Thanks to file sharing, I purchase more CDs
Thanks to the RIAA, I buy them used...
on at least one count. It says that the typed URLs in the registry don't get purged when you clear the history. I just tested it, and it does get purged. It's the one thing I tested, and it was wrong. Doesn't give me a whole lot of faith for everything else in the article (including the fact that there was another correction listed at the end of the article).
The difference is still that the user cannot make that decision based on the information given. Vista requires admin rights for nearly everything, how should the user be able to determine whether foul play is involved?
In Unix, you only need root permissions for very, very few and very core and system related issues. Changing the kernel, installing a device, most low level network stuff. You certainly don't need root to install a program for a user. And that's the main source of malware that requires user interaction: Some "funny nice thing" you got from the 'net. Why should a greeting card display tool or a game demo require admin privileges to run or install?
You cannot even "sandbox" it in Vista. You can't create a new account and tell Vista to install it locally, for this account only. Vista by default runs an installer with administrator privileges. How is the user supposed to be able to discriminate between programs that really need those rights and programs that want to infect him, if everything is by default requiring admin privileges?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The journal entry author, "Erris", and this commenter, "Twitter", are the same person. Please moderate accordingly.
can't believe I'm speaking up for Vista but ...
I could care less about Vista, Vista is not the issue, its users, and imperialistic religion about what OS, least important part, runs on the PC and the patform dervied from it. Isn't it about the fanatatically stupid and great and wonderful and overly marketed to death do us never meet (hopefully) Web 2.0 and making the user forget there was a PC in the first place.
User security, is like car safety. It's nice to design for "in case shit happens" but if you drive like a lunatic, you're likely to get hurt.
True that. My "friends", or at least people who wanted me to do work for them would surf "hacker" sites in Europe and then ask for help cleaning their PC's - reload. Then later they switch to Macs and make their lives "better". Just to have the same problem again.
I think a large part of security involves the self. People don't do enough thinking, and are too lazy to follow simple security procedures. No automated tool or system, that allows some freedoms can protect people entirely. Think about it, the OS'es solution to malware? Only allow MSFT signed binaries to run. But this is horrible as it means only MSFT can authorize binaries and it cuts out 3rd party developers.
Yes, but that would be like asking most poeple to not only give to charity, but to volunteer, and maybe even let families share their house when its cold and those familie are homeless. Sure there are some that do this, but then there are some of us who actually pay attention when we use our PC's. Finding out this realization is why desktop LInux just has not happened. Unless you are into "it" whatever it is, you don't really want to get into "it". I could really care less about basketball and anything I know about it is useless knowledge. Linux is still to in-your-face, fortunately M$ is not.
At some point the users themselves have to stop and learn how to use their computers properly, if they want to use them. If they're too lazy to figure it out, *and* demand security, they should not use a computer.
If people drank alcohol less and performed more at work the number of hours worked a week would go down too.
Of course it's largely MSFT's fault for breeding a culture of contempt for knowledge. Oh look it's so easy anyone can use it with zero training.
I don't think its M$'s fault, they are just here at the same time period as this attitude sinks into people. It was the attitude that existed that allowed M$'s lack of security to exist.
Imagine if MSFT made automobiles (but with the a yolk instead of a wheel/pedals, and other "standard improvements"). No training required!
There is no training for automobiles if you wait until you are 18 and skip driver's education.
Tom
On every old webpage.
Ignore this signature. By order.
No, that was someone who thinks you are a douche-bag.
Have a little less respect for yourself.
(This was too easy. Please try harder, kthx)
"It does not do to leave a live dragon out of your calculations, if you live near him." - Tolkien
[spit take]
[replaces coffee-soaked keyboard]
Twitter, you're still operating under the delusion that nobody knows your sock puppets? Although I do appreciate the Freudian slip: You spelled it "Eris". She is, of course, the Greek goddess of discord. But you probably knew that in the first place, which is why you made her your pseudonym's pseudonym.
This sig intentionally left blank.
So, point by point:
While referring to IE's Protected Mode feature:
However, there is a brokering mechanism that enables users to download files to any location they have access to, or to install browser plugins and extensions, and the like. So users are still invited to make a mess of their systems, and no doubt many will, while Microsoft has a chance to shift blame away from itself.
Uh huh. First, you can't install plugins/extensions (with the exception of signed ActiveX) without admin privs. Period. Second, how, exactly, would you propose the user be able to save files to their Documents folder, or do any other file operation in their profile (or basically anyplace on the system) without this brokering mechanism? Would you prefer that Microsoft not allow users to download *any* files via the browser? Ya, that would work out well.
However, IE7 on Vista does still write to parts of the registry in protected mode.
IE7 is running as an extremely low-rights user. This does *not* mean that it doesn't have the ability to write to any part of the registry. It means that the register's ACLs must explicitly allow write access to the IE's low-rights user. Certain locations have been explicitly marked as write-safe for the low integrity process. The example given by The Register is one of them. In other words, it's not an issue.
However, DEP, when full on, may cause a number of applications to crash, or interfere with their installation. I'm betting that a majority of users will opt for the more conservative setting, and this of course means less defense for everyone.
You're betting that the majority of users, most of whom think "DEP" is an actor's last name, will go and hunt down the DEP setting and turn it off because it will supposedly cause lots of applications to crash? Really? You mean they won't selectively turn it off via the dialog box that comes up after a DEP-related crash that asks if you want to turn it off just for this application? Oh, and what quantitative study are you sighting that shows that lots of commonly used applications will crash because of DEP? Give me a break.
User Account Control (UAC) is another good idea, because it finally, finally, finally allows the machine's owner to work from a standard user account, and still perform administrative tasks by supplying admin credentials as needed on a per-action basis. You know, the way Linux has been doing it forever.
Windows has supported running individual processes as admin (or any other account) since NT4. It was integrated into the GUI in Windows 2000. That is not the point of UAC, and it's not how Linux does it at all. If you try and run an application or perform an operation on Linux or Unix that requires admin access, it will fail. It doesn't prompt you. It's a subtle, but big difference. And it's a critical difference in the Windows world where that vast majority of applications won't work without admin privs.
Of course, it only works if everyone stays out of the admin account as much as possible, and if everyone with an admin password knows better than to install a questionable program with admin privileges. And there's the catch: "Windows needs your permission to install this cleverly-disguised Trojan nifty program. Click Yes to get rooted continue."
Wrong. It works regardless of what user you *think* you're running as. An admin account on Vista (with UAC enabled) is NOT AN ADMIN ACCOUNT. It's a limited user. The *only* difference is that an admin account isn't prompted to t
Is cruft piled on top of cruft... So much of windows was written with no thought for security, since it was never meant to be networked nor multiuser. Not just the flawed code, but many of the basic ideas are flawed, so even if rewritten, it will still be flawed or incompatible.
Windows is hugely complicated, far more so than any other OS out there, this huge complexity plus the maze of legacy interfaces results in an unmaintainable and unsecureable mess.
The fact that "server" versions of windows are essentially desktop versions with extra stuff bolted on top, instead of the other way round doesn't help either.
Microsoft have often tried to increase the complexity of windows and make it as proprietary as possible on purpose, to make it difficult for competitors to produce compatible clones (as happened with dos), this decision is now a huge cause of problems.
Note that unix is a lot older, but the basic design is more flexible, modular and less flawed, as well as being widely understood and documened.
Microsoft need to do as apple did, and ditch their crufty old spaghetti codebase, and start again fresh.with a codebase designed with the modern world in mind, and temporarily implement their old environment under a virtualization environment which is only used for running legacy apps. Doing this has worked well for apple, OSX has gained them significant numbers of new users, is much cleaner and capable than OS9 ever was, and they have been able to ditch the backwards compatibility mode in recent versions.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
darn it microsoft! stop pointing finger at the dumb ones. those intelligent programmers u have... well tell them to do something!
I just had my younger cousin ask me last night my thoughts on Vista. After a 10 minute rant on lack of security, bugs, drivers, DRM & PMP, she stepped in and said. "A friend of mine has it, and hates it" "It asks her 'Are you sure you want to do this?' every time she does anything on the damn thing"
I hope the negative word of mouth spreads like wildfire on this one.
Relocating to San Francisco / Palo Alto... Hire me?
You are absolutely right, the Mac ads are horrendously misleading. The lines from that commercial aren't actual Vista prompts. Even more scandalous: John Hodgman isn't really a PC and Justin Long isn't really a Mac ! Shame on Steve Jobs for his lies.
I've always claimed that Window's problems are purely an engineering issue where performing normal operations involves an unreasonable amount of risk. People who claim "It is the user's fault" miss the fact that many attack vectors are from normal user activities.
It is like claiming "cars can never be safe because people drive them" which is true but fallacious. Under normal operation, a car is safe because it is engineered to be safe. If however you purposely act reckless there isn't a whole lot of engineering in a car that can stop someone from driving off a cliff into the ocean.
What is going on in Windows is that people are performing normal operations that involve either a large amount of unnecessary knowledge to perform correctly or are tricked into thinking important system altering actions are trivial and harmless (or maybe both). For instance:
- Browsing the Internet is a normal user operation. The system may "own" the hardware and software driver for system facilities like the NIC but there should be no reason why it should require anything more than the user having permissions to run an executable. The reason why a scanner is needed on Windows is to make sure IE is behaving properly and isn't subverted because it can invoke any number of other OS functions which it probably should have never been designed too in the first place. The reason why AV software scans traffic on each transaction is that it is impossible for humans to correctly determine if query/responses are going to make IE behave badly or not. This sounds like an engineering flaw in IE more than anything else.
- People want to install "gadgets" like toolbars. It shouldn't require system modification to install a toolbar, desktop applet, or any other gadget. It shouldn't require an elevation of privileges to run them either. It is questionable engineering to require any of these things and requires extra knowledge to do it right. There are specialized pieces of software that do require system modification and they should behave and install differently so there is no confusion. Treating a driver install like a toolbar install is a huge engineering issue.
- It is entirely possible that someone is purposely or accidentally installing something bad, but it shouldn't bring down the entire machine doing it. The user, using user permissions, should not be able to wreck the system no matter what they try on purpose or on accident. They might succeed in ruining their own private stuff but never anything outside their sandbox. Windows doesn't do this and Vista has still not properly addressed the engineering issue if they put up many more "Allow or Deny?" dialogs. Or to put it another way, the user should never be faced with an "Allow or Deny?" dialog in the first place. Asking the user "Operation could break your system. Allow or Deny?" is a silly question to pose. The system needs to be engineered to avoid posing the user with questions just like that.
People interact with hundreds of machines everyday and yet are designed for some misuse. It seems disproportional that Windows has been engineered in such a way it can't take missteps or abuse very well. Accidents happen. Users can be silly. Windows should be engineered better because it doesn't seem to protect against breaking very well nor does it allow for easy recovery.
and HE'S the one who's ignorant?
Hows that work?
Hmm...
Oops.
Seriously dude, why would you want to make money for the lawyers by suggesting something so bass-ackwards? I've got to ask, R U A LAWYER? IANAL and pretty much hate all these class action/anti-monopoly crap that just seems to enrich some fat cat lawyer. I remember the coupons that I got for being in California as part of the MS settlement. What a joke.
Could you imagine that quote in a scientific paper, or a reputable magazine article? No. It screams "nutjob", regardless of what the person is trying to say and/or the truth within it.
No, I can't imagine any reputable journal publishing anything having to do with M$'s secret sauce code.
Being outside of that, I'm free to say whatever I want about the tin-horns who are busy calling free software "a cancer", "communist" and all that jazz. No respect has been earned and none is paid.
Friends don't help friends install M$ junk.
Did you all really want Vista to come out and be ultra secure & perfect? That is just not Windows.. Without all the issues that are inherent with a MS OS... the world would be a more ..boring place.
I for one welcome are new bloated, insecure OS overlords.. as it will provide a source of humor and bashing for the next couple years.
-As well as give Linux more time to get up to speed with games. -perhaps this is where Linux will never change?
Kill your TV
The journal entry author, "Erris", and this commenter, "Twitter", are the same person. Please moderate accordingly.
Imagine one person having more than one account ... the implications are enormous. That individual might, you know, express themselves. Call the propaganda police, individuals are not supposed to express themselves, they are supposed to quietly consume.
ha ha, losers.
I'll tell you what. If you can figure out some kind of way that we can have a trusted escrow, I'll bet you a large sum of money that I'm not lying and can supply evidence of such.
Actually, it's just the opposite. You seem to be wearing pro-MS rosy-color-glasses, and have no idea what you're talking about. If you're not experiencing these issues with Vista, I'd say that you are the one who hasn't even tried it, as it's common knowledge—and yes, personal experience—that it is, indeed, this bad.
Since this Randolpho guy seems to have no idea what he's talking about, and I'm just as much a stranger to you, do this.
Don't trust either of us. Talk to your friends that have recently bought computers with Vista and ask them what they think. Read what the media is saying about it. Go try it out yourself on someone's computer who will let you tinker with it as if it were your own for an hour or two. Then decide for yourself which one of us is drinking Kool-Aid.
Oh, and if you're not too busy, come back here and let us know what you decided and what your impressions are. I'm in the mood for a little vindication today. ;-)
It's not your luck, and it's not my copy of Vista. It's a hideously broken OS.
> Windows has the same "theoretical underpinning" as VMS (hardly surprising, given they're designed by the same person). Which is, I must point out, vastly superior to that of traditional (and most contemporary, at least as commonly configured) UNIXes.
If you mean that it supports loads of crazy and complex file permissions, you'd be right. I've *shudder* used VMS once upon a time, and I remember the screwball commands involving the red and gold keys.
If, however, you mean that Microsoft actually makes good use of any of these complex features, I'd say you're completely off your rocker. Thus, their complexity merely gets in the way--they're harder to understand AND they're not being used in a remotely helpful way.
Security decisions need to be as simple as possible if you want to have any hope of maintaining security. VMS permissions aren't much help for the average user, and Microsoft certainly isn't making any good use of them that I can see.
http://secunia.com/product/96/?task=advisories
Wow!!! http://www.snort.org/docs/advisory-2007-02-19.html
Hypocrites!!!
Step 2: Go to System Preferences
Step 3: Go to Accounts
Step 4: Go to Login Options
Step 5: Next to "Display Login Window as:" click on the radio button for "Name and password"
(note: I'm currently on my iBook with Panther, so the wording might be slightly different for Tiger.)
"Her idea of wit is nothing more than an incisive observation humorously phrased and delivered with impeccable timing."
Well no, they don't all have perl and python installed. They don't have the same directory structure by a long shot and that has kernel module implications. They don't all run samba by choice, though they may have clients, and sshd is not installed by default on most. They may or may not be running xorg, but the configurations will be different. Many have their own kernel versions and compiles. The only way you could think anything else is to have never done any real work on as much as one distribution. The differences are easy for a human to navigate, but difficult for a worm - and this is why there is not a Linux Monoculture and one of the reasons there are no gnu/Linux hosted worms of any significance.
Friends don't help friends install M$ junk.
Are you advocating Microsoft create it's own software repositories, vet all submissions to make sure they are not malware, and only allow windows to install software from those repositories?
Yes. As usual, the only acceptable thing for Microsoft to do is to unconditionally surrender their codebase and release it GPL. They may, after that, vet their own distribution with better efficiency than they currently do. Even then, it would take years for people to build trust in it.
If it isn't, like the last piece of software I installed on my Ubuntu box, then you are left to download a .deb and install it with dpkg. Now, if I write some nasty little app that turns your box into a spambot, roll it into a deb and put it up on a website as "Cool_new_gaim_smileys.deb", what is going to stop little Johnny from downloading and installing it?
"apt-get search smiley", followed by "apt-get install gaim-themes" works great and so does the GUI equivalent, so Johny gets what he wants without having to trust a net nasty like yourself. Contrary to M$ opinion, Johny is not stupid.
Friends don't help friends install M$ junk.
You're saying Debian is secure because there is a centrally controlled repository of software. Vista requires signed kernel-level drivers and you'd say that Microsoft is cutting out open-source developers.
No, a community controlled repository like Debian's is verifiable and something anyone can trust. M$ has cut off everybody, as usual, not just free software developers. It is not verifiable and is usually proved nasty.
Friends don't help friends install M$ junk.
They wanted to create a real separation of privilege levels. You can't have it both ways. You can't have a real separate privileged/deprivileged space and then not need to get permission to escalate. If you do, you are going around it and there isn't real separation. It's feel good security, not do good security.
I mean I could implement a Linux distro where you didn't run as root, but any time a program needed higher privileges the system auto escalated it. That would work, but it really would defeat the purpose of having a super user. For it to really be effective it needs to be how it is now: You have to escalate permission each time it's needed, or set it to that the app is run escalated automatically. Vista works the exact same way (with UAC on).
Now currently the vast majority of "Linux" boxes out there are servers, which reduces the attack surface significantly - and not only because they tend to be run and maintained by people who know what they're doing. That doesn't mean any number of them are not routinely rooted and crapped on. When and if the majority of Linux boxes are desktops then you're going to be singing a different song. You'll be blaming the users for not patching their machines and for doing stupid things that put them in danger. The same thing you seem to be so insulted about when someone makes the same point about Windows.
You are full of it simply because of the simple fact that there are enough "Windoze" machines out there that work just fine and have no malware, viruses or other crap. They're not part of botnets. They're not spam zombies. It's quite simple to secure a Windows desktop even though it has more attack vectors than Linux or OS X. That there are large numbers of people who are incapable of doing that is the problem. What, you think all these hundreds of millions of people will suddenly increase their computer savvy index just because you give them a Mepis live CD? For your sake, I hope to hell you're right.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Interesting.
Consumer Vista has been in general release for less than one month. But the Geek knows that most people are disabling the UAC. The Geek knows how users will respond to all the changes in Vista.
He doesn't need a crystal ball. He only needs to read what other Geeks are posting to their blogs.
Safer than giving up and running as Administrator is to use Filemon and Regmon to find out what exactly the broken application is doing that it shouldn't, then changing the ACL for just those files or registry keys.
Windows non-administrator LUA/UAC advice, tips and tricks.
to judge Vista's security capabilities, or lack thereof. UAC alone isnt going to make Vista secure as many have pointed out, but one of the real issue(s) is Vista's actual security model and how well it was implemented. I hate MS as much as the next Linux user, but I think all these proclamations of Vista's failed security model are hogwash. There is no way to tell at this point, just weeks after launch, that Vista is not secure. Given 6 months to a year, if a Vista machine still suffers as much as an XP machine from spyware etc then I think it would be fair to start criticizing.
Imagine for a moment if Linux achieved 30% market share on the desktop over the next year. I dont believe for a moment that the situation would be anywhere near where it is currently with XP/2000, but there would undoubtedly be more security risks. Would it make sense for OSX/Windows users to label Linux as unsecure because some exploits were discovered? Of course not, the ability of the OSS community to respond to threats in a timely manner and prevent future threats would be the metric that would be (should be) used. It is the same for Vista.
which isn't common for RPM's. However, you can install them to any directory you like and they will work with whatever permissions you need for that area(s).
The firefox installer runs as me. If I run as root, it installs it centrally for all users.
The Loki installer installs under non-root accounts, as long as I point it to a directory that I do have permissions to.
The kernel compiles are different: different patches (specially SuSE) different compilation options (specially Mepis). When you install SuSE did you install KDE or Gnome? When you installed Open Office, it has different branding (therefore MUST be somewhat different from the others, how much, you say? Find out).
When you have the OS do you use devfs or hotplug as the decider of what goes where. Do you use automount or subfs?
Even when it comes to OOo, it is run as you, so is limited to you. So when it wants to be a worm, it really wants to escalate to root.
How?
PNG vuln? What compilation was used for libpng? What is the patch version?
Bugger, the life of a worm isn't rosy, is it...
Let's face it, the best scenario for Linux is the one you have at the moment. It's free and you have all the software you need, and you don't have the preponderance of users, stupid or not, making it worse for everyone. Unfortunately, the more laymen you attract to the Linux desktop just makes it a worse experience for everyone.
Only someone from M$ could loath users like you do. The beauty of free software is the way it shares knowledge and experience without additional cost to the authors. As you might imagine from the class I help teach, I welcome everyone to the code I know and love. The growth of free software desktop market share is a good for me and everyone else.
Friends don't help friends install M$ junk.
Windows Vista is a version of windows that just modified and improved a liitle bit from Windows XP. What it changed is just added some newest security features and enhanced the GUI only. Windows Vista is inherited most of the bugs from windows XP. Since the Windows 98 available in market, Microsoft had been put alot of effort in taking out all the bug in the codes. One of the serious problem they face is that many of the old version windows programmers not longer working for Microsoft. Due to this, they left many unknown bugs in the codes. Microsoft tried to understand the coding but is too difficult to understand million lines of codes one by one. So, in my opinion, Windows Vista had so many vulnerability is because they not willing to rewrite the code in windows.